Security in Pervasive Wireless Security in Pervasive Wireless - - PowerPoint PPT Presentation

Security in Pervasive Wireless Security in Pervasive Wireless Systems Systems

Wade Trappe

WINLAB

Breaking Down the Issues (summary) Breaking Down the Issues (summary)

Confidentiality

Wireless is easy to sniff. We still need encryption services and key management. Key freshness is an issue.

Integrity

Wireless hardware/equipment need to be safe from modification. Data/control info should not be modified before or during transit.

Forensics

Wireless networks will be the platform of choice for attacks. Should the network keep track of forensic evidence?

Privacy

Perpetual connectivity can mean constant surveillance! With snooping one can monitor mobility and handoffs between networks.

Location

Location is a new form of information provided by wireless systems that will facilitate new

• services. Location information needs to be trusted.

Intrusion

The pervasiveness of the wireless networks should not mean that just anyone can participate! Example: Rogue APs

Availability

The value of a wireless network is its promise of ubiquitous connectivity. Unfortunately, wireless networks are easy to “break” (e.g. jam, denial of service)

Non-repudiation

RF energy radiates, and wireless entities within the radio coverage pattern may serve as witnesses for the actions of the transmitter.

WINLAB

Security Via Lower Layer Enforcements: Wireless Security Security Via Lower Layer Enforcements: Wireless Security at the Physical Layer at the Physical Layer

• Wireless channels are “open” and hence more susceptible to eavesdropping,

intrusion and spoofing…

• Interestingly, wireless channel properties (“RF signatures”) can be exploited for

authentication and to identify attackers

• Project on protocols and algorithms for security functions; also experimental

validation

WINLAB

Secret key extraction from a wireless channel Secret key extraction from a wireless channel

• Use channel reciprocity to build highly correlated

data sets

– Probe the channel in each direction – Estimate channel using recd. probe

• Eve receives only uncorrelated information as she

is more than λ/2 away

• Level crossings are used to generate bits
• Alice and Bob must exchange msgs over public

channel to create identical bits

• What if channel is not already authenticated?

– Requires additional sophistry to prevent man-in-the-middle attack. – It is possible using the correlated data collected from received probes.

P R O B E P R O B E P R O B E Get channel estimates L

• c

a t i

• n

s

• f

e x c u r s i

• n

s L

• c

a t i

• n

s i n a g r e e m e n t Key Key Positive excursion Negative excursion

WINLAB

• Experimental setup:

– Alice = AP – Bob = Client – Eve = Client on same channel

• Alice Bob: PING REQUEST Bob

Alice: PING REPLY

• 20 packets per second
• Eve overhears packets from both

legitimate users

• (RSSI, timestamp) from recd. packet

headers are pulled out by each user

• Mesg. exchange protocol uses the

locations of excursions to distil identical bits

• ~1 bit/sec in typical indoor environments

with no errors.

System Validation using 802.11 System Validation using 802.11

Alice Eve Bob Eve Alice Bob Bob Alice Bob Alice Alice Bob

WINLAB

Defenses for Attacks of Radio Interference in Wireless Networks Defenses for Attacks of Radio Interference in Wireless Networks

• Goal: to maintain wireless network connectivity in the presence of wireless interference (i.e.

jamming)

• Strategies:

– Channel Surfing: Adapt network channel allocations in an on-demand manner – Spatial Retreats: Use mobility to evade interference sources and re-establish network connectivity – Anti-jamming Timing Channels: Failed packet reception events may be modulated to establish a low-rate jamming resistant communication channel – Radio Teaming: A team of transmitters exploits multipath environments to perturb angular receiver patterns, in spite of SINR levels of -10dB or worse.

(Effect of a jammer on a network of Chipcon 1100 Radios) (Channel Surfing adjusts channels to re-establishes the network)

WINLAB

Jamming Jamming-

• Resistant Timing Channel Overlay Networks

Resistant Timing Channel Overlay Networks

• Objective:

Objective:

– – Create a Create a low bit low bit-

• rate overlay

rate overlay that exists on that exists on the conventional physical/link the conventional physical/link-

• layers

layers in spite in spite

• f
• f a broadband interferer.

a broadband interferer.

• Approach: Modulate the

Approach: Modulate the interarrival interarrival time time between packet transmissions to convey between packet transmissions to convey information information

– – Jammed packets are detectable Jammed packets are detectable

tim e ……

t1 t2 t3 t4 t5 ti ti+ 1

τ1 τ2 τ3 τ4 τi

Network Datalink Physical Network Datalink Physical

4Oz Overlay 4Oz Overlay Timing channel Overlay Framing Error Correct Overlay Authent.

Virtual Bitpipe

Timing channel Overlay Framing Error Correct Overlay Authent.

Virtual Bitpipe

Sender Receiver

Network Datalink Physical Network Datalink Physical

4Oz Overlay 4Oz Overlay Timing channel Overlay Framing Error Correct Overlay Authent.

Virtual Bitpipe

Timing channel Overlay Framing Error Correct Overlay Authent.

Virtual Bitpipe

Sender Receiver

The Timing Channel Overlay

WINLAB

Cognitive Radio (CR) Cognitive Radio (CR)

• Expose the lower-layers of the protocol stack to researchers, developers and the “public”

– scan the available spectrum, select from a wide range of operating frequencies – adjust modulation waveforms, perform adaptive resource allocation

• An ideal platform for abuse since the lowest layers of the wireless protocol stack are

accessible to programmers.

1.

Poor programming:

• 1. CR protocols will be complex, it will be easy to write buggy implementations
• 2. Runaway software processes…

2.

Greedy exploitation:

• Decrease back-off window in an 802.11 (or comparable) implementation
• Ignore fairness in spectrum etiquette (many co-existence protocols assume honest participants, or

honest data)

3.

Simply Ignoring Etiquette

• Primary user returns… so-what???

4.

Economic/Game-theoretic Models

• Standard economic models for spectrum sharing seek to support cooperation– but cooperation does

not ensure trusted operation!

• Security is an anti-social topic!

WINLAB

TRIESTE: TRIESTE: T Trusted rusted R Radio adio I Infrastructures for nfrastructures for E Enforcing nforcing S Spec pecT Trum rum E Etiquettes tiquettes

• Goal: to regulate the future radio environment, ensure trustworthy cognitive radio
• peration
• How — two complementary mechanisms

– On-board enforcement – restrict any violation attempt from accessing the radio:

Each CR runs its ow n suite of spectrum etiquette protocols Onboard policy checking verifies actions occur according to “spectrum law s”

– An external monitoring infrastructure:

Distributed Spectrum Authority (DSA) — police agent observes the radio

environm ent

DSA w ill punish CRs if violations are detected via authenticated kill com m ands.

WINLAB

Security in Security in MANETs MANETs: Attacks on AODV Routing : Attacks on AODV Routing

• Attacks on AODV

– Forge RREQs/RREPs/RERRs on behalf of other nodes – Reduce the hop count in RREQs/RREPs – Increase the originator sequence number in RREQs – Increase the destination sequence number in RREPs – Selectively forward/reply RREQs, RREPs, and RERRs – Wormhole Attacks S D A B C E M 3→1

WINLAB

SEAR: Secure Efficient Ad hoc Routing Protocol SEAR: Secure Efficient Ad hoc Routing Protocol

• Characteristics

– Authenticate RREQs/RREPs/RERRs – Based on symmetric key cryptography – Public key cryptography is only used in initial bootstrap phase – Sequence #’s and hop counts are protected through the use of a one-way function – Route errors are protected through a variation of TESLA

• Each node maintains 2 hash chains for itself to use

– Authenticator hash chain – TESLA key chain

• Authenticator Hash Chain: What will basically happen is…

– Each individual hop for each even sequence number should have a corresponding hash value – Odd sequence number only needs one hash value – Nodes who have an even sequence number have the corresponding next higher odd sequence number – Intermediate nodes cannot increase the sequence number or decrease the hop count

h0 ,h1 …,hn-2m-1 , …, hn-m-2 , hn-m-1 , hn-m ,hn-m+1 … ,hn-1 , hn Generation Seq#0 Seq#1 m+1 Seq#3 Seq#2 m+1 Hop0 Hop1

For RERRs

WINLAB

SEAR Route Discovery SEAR Route Discovery

• Route Request

– RREQ: {S, D, ID, SrcNum, DstNum, Hop} – ID is redundant

• Notation

– Let vs,j,c denote authenticator for node S with sequence number j and hop count c – Assume the next even sequence number of S is 2i – The most recent destination sequence number known by S is j with hop count c

• Details

– Route freshness{S, SrcNum} – Originator broadcasts new RREQ:

{S, D, ID, 2i, vs,2i,0, j, vd,j,c, 0, HERR}

– Each neighbor checks the authenticators and applies a one-way function. Then broadcasts

If has a larger destination sequence num ber j’ w ith hop count c’

• {S, D, ID, 2i, vs,2i,1, j’, vd,j’,c’, 1, HERR’}

Otherw ise,

• {S, D, ID, 2i, vs,2i,1, j, vd,j,c, 1, HERR’}

WINLAB

Security Evaluation (With Attackers) Security Evaluation (With Attackers)